1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-11 08:06:13 +01:00
Commit graph

13 commits

Author SHA1 Message Date
epriestley
ded641ae32 Add basic per-object privacy policies
Summary:
Provides a basic start for access policies. Objects expose various capabilities, like CAN_VIEW, CAN_EDIT, etc., and set a policy for each capability. We currently implement three policies, PUBLIC (anyone, including logged-out), USERS (any logged-in) and NOONE (nobody). There's also a way to provide automatic capability grants (e.g., the owner of an object can always see it, even if some capability is set to "NOONE"), but I'm not sure how great the implementation feels and it might change.

Most of the code here is providing a primitive for efficient policy-aware list queries. The problem with doing queries naively is that you have to do crazy amounts of filtering, e.g. to show the user page 6, you need to filter at least 600 objects (and likely more) before you can figure out which ones are 500-600 for them. You can't just do "LIMIT 500, 100" because that might have only 50 results, or no results. Instead, the query looks like "WHERE id > last_visible_id", and then we fetch additional pages as necessary to satisfy the request.

The general idea is that we move all data access to Query classes and have them do object filtering. The ID paging primitive allows efficient paging in most cases, and the executeOne() method provides a concise way to do policy checks for edit/view screens.

We'll probably end up with mostly broader policy UIs or configuration-based policies, but there are at least a few cases for per-object privacy (e.g., marking tasks as "Security", and restricting things to the members of projects) so I figured we'd start with a flexible primitive and the simplify it in the UI where we can.

Test Plan: Unit tests, played around in the UI with various policy settings.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D2210
2012-04-14 10:13:29 -07:00
epriestley
57fd4bc68b Kind-of-terrible (?) oncopy handler
Summary: Works in Safari, Firefox, Chrome.

Test Plan: Copied some text, threw up a little in my mouth.

Reviewers: aran, tuomaspelkonen, tomo, rstout, btrahan

Reviewed By: aran

CC: aran, epriestley, ddfisher

Maniphest Tasks: T145, T995

Differential Revision: https://secure.phabricator.com/D244
2012-03-15 19:04:59 -07:00
epriestley
b2890eeb0e Add "final" to all Phabricator "Controller" classes
Summary:
These are all unambiguously unextensible. Issues I hit:

  - Maniphest Change/Diff controllers, just consolidated them.
  - Some search controllers incorrectly extend from "Search" but should extend from "SearchBase". This has no runtime effects.
  - D1836 introduced a closure, which we don't handle correctly (somewhat on purpose; we target PHP 5.2). See T962.

Test Plan: Ran "testEverythingImplemented" unit test to identify classes extending from `final` classes. Resolved issues.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, epriestley

Maniphest Tasks: T795

Differential Revision: https://secure.phabricator.com/D1843
2012-03-09 15:46:25 -08:00
vrana
8482569a47 Add line link to Paste
Summary: Better something than nothing.

Test Plan: View paste, click on line number.

Reviewers: codeblock, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1596
2012-02-08 10:54:57 -08:00
Bob Trahan
84ea5c53e4 Kill PhabricatorFileURI
Summary:
we used to need this function for security purposes, but no longer need
it.   remove it so that some call sites can be optimized via smarter data
fetching, and so the whole codebase can have one less thing in it.

Test Plan:
verified the images displayed properly for each of the following
- viewed a diff with added images.
- viewed a user feed
- viewed a user profile
- viewed all image macros
- viewed a paste and clicked through "raw link"
weakness in testing around proxy files and transformed files.  not sure what
these are.  changes here are very programmatic however.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, btrahan, epriestley

Maniphest Tasks: T672

Differential Revision: https://secure.phabricator.com/D1354
2012-01-10 15:21:39 -08:00
Ricky Elrod
caa5b050b1 Fix header display bug on forked pastes.
Summary:
You can only call setHeader() on a Panel once. Otherwise the last sticks. Move the "forks of this paste" stuff to its own panel (only shown if there are, indeed, forks), and make the columns look nicer.

Test Plan:
Viewed previously forked pastes, forked a paste and looked at the original, and looked at a non-forked paste. All looked sane.

Reviewers:
epriestley

CC:

Differential Revision: 700
2011-07-21 11:22:56 -04:00
Ricky Elrod
95d6e0a3c4 Store parents of forked pastes, and list child pastes if there are any.
Summary:
Added a 'parent' field which stores a PHID of another paste. If it is not NULL show a list of children pastes on view.
Also did some misc. refactoring to clean up the code a bit, specifically in the Create controller.

Test Plan:
- Checked old pastes, they were not affected.
- Added a paste, successfully.
- Forked it, successfully.
- Went to the original paste, saw the child paste listed.
- Forked it again, saw the new one added to the list.

Reviewers:
epriestley

CC:

Differential Revision: 672
2011-07-15 18:42:08 -04:00
epriestley
85b34c23f9 Clean up Phabricator interface to syntax highlighting
Summary: Reduce the amount of code duplication here and allow for an override
configuration on the filename.map stuff.
Test Plan: Checked paste, diffusion and differential syntax highlighting and
everything appeared reasonable.
Reviewed By: codeblock
Reviewers: tuomaspelkonen, codeblock, jungejason, aran
CC: aran, codeblock, epriestley
Differential Revision: 601
2011-07-06 12:35:36 -07:00
epriestley
70cd8b1b34 Update Phabricator for split syntax highlighting API
Summary: I'll clean some of this stuff up in a followup too, but update the
callers to use the new explicit filename-based API.
Test Plan: Looked at paste, Diffusion and Differential.
Reviewed By: tuomaspelkonen
Reviewers: tuomaspelkonen, codeblock, jungejason, aran
CC: aran, tuomaspelkonen
Differential Revision: 600
2011-07-06 11:56:37 -07:00
Ricky Elrod
9454060c29 Add a syntax highlight dropdown, if pygments is enabled.
Summary:
- Add a default list of supported languages to default.conf.php
  and make the initial/default value customizable.
- Store a '' in the database to infer the language from the filename/title.

Test Plan:
Tested in my sandbox with pygments enabled and disabled and various
combinations of filename/extension/dropdown selection.

Reviewers:
epriestley

CC:

Differential Revision: 587
2011-07-04 12:23:43 -04:00
Ricky Elrod
9604680f9f Paste sucks when lines are too long.
Summary:
Paste was cutting off lines when they extended past the width of the screen.
Also change a pair of double quotes to single quotes, to follow convention.

Test Plan:
Tried this in Firefox 4 and Chrome.

Reviewers:
epriestley, toulouse

CC:

Differential Revision: 469
2011-06-16 20:42:02 -04:00
epriestley
555464c4a7 "Paste" application tweaks
Summary:
Tweaks to the paste app:

  - I realized that unlike all the other apps, it makes more sense for the
default view of this one to be "create paste" instead of "list pastes" since
when you access the application directly you are most often wanting to share
something. Swap list out of the default slot and make edit the default.
  - Make the textarea bigger (usability).
  - Allow you to copy an existing paste.
  - Implement 'raw view'.
  - Tweak/adjust list view (usability, formatting).
  - Tweak page titles.

Test Plan:
Created, copied, and listed pastes. Viewed raw paste. Created an invalid paste.
Tried to create a copy of a nonexistant paste.

Reviewed By: codeblock
Reviewers: codeblock, jungejason, aran, tuomaspelkonen
CC: aran, epriestley, codeblock
Differential Revision: 456
2011-06-13 21:13:32 -07:00
Ricky Elrod
b9c9f90164 Pastebin
Summary:
This is Paste. It needs some work, but epriestley recommended that I just commit something that works, and expand on that later.

Specifically, it lacks the ability to view a raw paste right now, and to turn off line numbers, making it hard to copy/paste from for now. It works for showing other people code, however.

Test Plan:
Pasted stuff, and was able to view it, and see it in the list on /paste/. Put a file extension in the title, and saw that syntax highlighting worked as expected.

Reviewers:
epriestley

CC:

Differential Revision: 424
2011-06-10 13:41:18 -04:00